suse-su-2025:1399-1
Vulnerability from csaf_suse
Published
2025-04-29 13:35
Modified
2025-04-29 13:35
Summary
Security update for java-11-openjdk
Notes
Title of the patch
Security update for java-11-openjdk
Description of the patch
This update for java-11-openjdk fixes the following issues:
Upgrade to upstream tag jdk-11.0.27+6 (April 2025 CPU)
CVEs:
+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)
+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)
+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)
Changes:
+ JDK-8195675: Call to insertText with single character
from custom Input Method ignored
+ JDK-8202926: Test java/awt/Focus/
/WindowUpdateFocusabilityTest/
/WindowUpdateFocusabilityTest.html fails
+ JDK-8216539: tools/jar/modularJar/Basic.java timed out
+ JDK-8268364: jmethod clearing should be done during
unloading
+ JDK-8273914: Indy string concat changes order of
operations
+ JDK-8294316: SA core file support is broken on macosx-x64
starting with macOS 12.x
+ JDK-8306408: Fix the format of several tables in
building.md
+ JDK-8309841: Jarsigner should print a warning if an entry
is removed
+ JDK-8312049: runtime/logging/ClassLoadUnloadTest can be
improved
+ JDK-8320916: jdk/jfr/event/gc/stacktrace/
/TestParallelMarkSweepAllocationPendingStackTrace.java failed
with 'OutOfMemoryError: GC overhead limit exceeded'
+ JDK-8327650: Test java/nio/channels/DatagramChannel/
/StressNativeSignal.java timed out
+ JDK-8328242: Add a log area to the PassFailJFrame
+ JDK-8331863: DUIterator_Fast used before it is constructed
+ JDK-8336012: Fix usages of jtreg-reserved properties
+ JDK-8337494: Clarify JarInputStream behavior
+ JDK-8337692: Better TLS connection support
+ JDK-8338430: Improve compiler transformations
+ JDK-8339560: Unaddressed comments during code review of
JDK-8337664
+ JDK-8339810: Clean up the code in sun.tools.jar.Main to
properly close resources and use ZipFile during extract
+ JDK-8339931: Update problem list for
WindowUpdateFocusabilityTest.java
+ JDK-8340387: Update OS detection code to recognize
Windows Server 2025
+ JDK-8341424: GHA: Collect hs_errs from build time failures
+ JDK-8342562: Enhance Deflater operations
+ JDK-8342704: GHA: Report truncation is broken after
JDK-8341424
+ JDK-8343007: Enhance Buffered Image handling
+ JDK-8343474: [updates] Customize README.md to specifics
of update project
+ JDK-8343599: Kmem limit and max values swapped when
printing container information
+ JDK-8343786: [11u] GHA: Bump macOS and Xcode versions to
macos-13 and XCode 14.3.1
+ JDK-8344589: Update IANA Language Subtag Registry to
Version 2024-11-19
+ JDK-8345509: Bump update version of OpenJDK: 11.0.27
+ JDK-8346587: Distrust TLS server certificates anchored by
Camerfirma Root CAs
+ JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no
license header
+ JDK-8347847: Enhance jar file support
+ JDK-8347965: (tz) Update Timezone Data to 2025a
+ JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25
updates
+ JDK-8352097: (tz) zone.tab update missed in 2025a backport
+ JDK-8354087: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.27
Patchnames
SUSE-2025-1399,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1399,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1399
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-11-openjdk",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-11-openjdk fixes the following issues:\n\nUpgrade to upstream tag jdk-11.0.27+6 (April 2025 CPU)\n\nCVEs:\n\n+ CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data (bsc#1241274)\n+ CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access (bsc#1241275)\n+ CVE-2025-30698: Fixed Oracle Java 2D unauthorized data access and DoS (bsc#1241276)\n\nChanges:\n\n + JDK-8195675: Call to insertText with single character\n from custom Input Method ignored\n + JDK-8202926: Test java/awt/Focus/\n /WindowUpdateFocusabilityTest/\n /WindowUpdateFocusabilityTest.html fails\n + JDK-8216539: tools/jar/modularJar/Basic.java timed out\n + JDK-8268364: jmethod clearing should be done during\n unloading\n + JDK-8273914: Indy string concat changes order of\n operations\n + JDK-8294316: SA core file support is broken on macosx-x64\n starting with macOS 12.x\n + JDK-8306408: Fix the format of several tables in\n building.md\n + JDK-8309841: Jarsigner should print a warning if an entry\n is removed\n + JDK-8312049: runtime/logging/ClassLoadUnloadTest can be\n improved\n + JDK-8320916: jdk/jfr/event/gc/stacktrace/\n /TestParallelMarkSweepAllocationPendingStackTrace.java failed\n with \u0027OutOfMemoryError: GC overhead limit exceeded\u0027\n + JDK-8327650: Test java/nio/channels/DatagramChannel/\n /StressNativeSignal.java timed out\n + JDK-8328242: Add a log area to the PassFailJFrame\n + JDK-8331863: DUIterator_Fast used before it is constructed\n + JDK-8336012: Fix usages of jtreg-reserved properties\n + JDK-8337494: Clarify JarInputStream behavior\n + JDK-8337692: Better TLS connection support\n + JDK-8338430: Improve compiler transformations\n + JDK-8339560: Unaddressed comments during code review of\n JDK-8337664\n + JDK-8339810: Clean up the code in sun.tools.jar.Main to\n properly close resources and use ZipFile during extract\n + JDK-8339931: Update problem list for\n WindowUpdateFocusabilityTest.java\n + JDK-8340387: Update OS detection code to recognize\n Windows Server 2025\n + JDK-8341424: GHA: Collect hs_errs from build time failures\n + JDK-8342562: Enhance Deflater operations\n + JDK-8342704: GHA: Report truncation is broken after\n JDK-8341424\n + JDK-8343007: Enhance Buffered Image handling\n + JDK-8343474: [updates] Customize README.md to specifics\n of update project\n + JDK-8343599: Kmem limit and max values swapped when\n printing container information\n + JDK-8343786: [11u] GHA: Bump macOS and Xcode versions to\n macos-13 and XCode 14.3.1\n + JDK-8344589: Update IANA Language Subtag Registry to\n Version 2024-11-19\n + JDK-8345509: Bump update version of OpenJDK: 11.0.27\n + JDK-8346587: Distrust TLS server certificates anchored by\n Camerfirma Root CAs\n + JDK-8347427: JTabbedPane/8134116/Bug8134116.java has no\n license header\n + JDK-8347847: Enhance jar file support\n + JDK-8347965: (tz) Update Timezone Data to 2025a\n + JDK-8349603: [21u, 17u, 11u] Update GHA JDKs after Jan/25\n updates\n + JDK-8352097: (tz) zone.tab update missed in 2025a backport\n + JDK-8354087: [11u] Remove designator\n DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.27\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1399,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1399,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1399",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1399-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1399-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251399-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1399-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-April/039103.html"
},
{
"category": "self",
"summary": "SUSE Bug 1241274",
"url": "https://bugzilla.suse.com/1241274"
},
{
"category": "self",
"summary": "SUSE Bug 1241275",
"url": "https://bugzilla.suse.com/1241275"
},
{
"category": "self",
"summary": "SUSE Bug 1241276",
"url": "https://bugzilla.suse.com/1241276"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21587 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30698 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30698/"
}
],
"title": "Security update for java-11-openjdk",
"tracking": {
"current_release_date": "2025-04-29T13:35:08Z",
"generator": {
"date": "2025-04-29T13:35:08Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1399-1",
"initial_release_date": "2025-04-29T13:35:08Z",
"revision_history": [
{
"date": "2025-04-29T13:35:08Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"product": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"product_id": "java-11-openjdk-11.0.27.0-3.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"product": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"product_id": "java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"product": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"product_id": "java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"product": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"product_id": "java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.aarch64",
"product": {
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.aarch64",
"product_id": "java-11-openjdk-jmods-11.0.27.0-3.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.aarch64",
"product": {
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.aarch64",
"product_id": "java-11-openjdk-src-11.0.27.0-3.87.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.27.0-3.87.1.i586",
"product": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.i586",
"product_id": "java-11-openjdk-11.0.27.0-3.87.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.i586",
"product": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.i586",
"product_id": "java-11-openjdk-demo-11.0.27.0-3.87.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.i586",
"product": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.i586",
"product_id": "java-11-openjdk-devel-11.0.27.0-3.87.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.i586",
"product": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.i586",
"product_id": "java-11-openjdk-headless-11.0.27.0-3.87.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.i586",
"product": {
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.i586",
"product_id": "java-11-openjdk-jmods-11.0.27.0-3.87.1.i586"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.i586",
"product": {
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.i586",
"product_id": "java-11-openjdk-src-11.0.27.0-3.87.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-javadoc-11.0.27.0-3.87.1.noarch",
"product": {
"name": "java-11-openjdk-javadoc-11.0.27.0-3.87.1.noarch",
"product_id": "java-11-openjdk-javadoc-11.0.27.0-3.87.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"product": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"product_id": "java-11-openjdk-11.0.27.0-3.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"product": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"product_id": "java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"product": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"product_id": "java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"product": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"product_id": "java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.ppc64le",
"product": {
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.ppc64le",
"product_id": "java-11-openjdk-jmods-11.0.27.0-3.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.ppc64le",
"product": {
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.ppc64le",
"product_id": "java-11-openjdk-src-11.0.27.0-3.87.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.27.0-3.87.1.s390x",
"product": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.s390x",
"product_id": "java-11-openjdk-11.0.27.0-3.87.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"product": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"product_id": "java-11-openjdk-demo-11.0.27.0-3.87.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"product": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"product_id": "java-11-openjdk-devel-11.0.27.0-3.87.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"product": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"product_id": "java-11-openjdk-headless-11.0.27.0-3.87.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.s390x",
"product": {
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.s390x",
"product_id": "java-11-openjdk-jmods-11.0.27.0-3.87.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.s390x",
"product": {
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.s390x",
"product_id": "java-11-openjdk-src-11.0.27.0-3.87.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"product": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"product_id": "java-11-openjdk-11.0.27.0-3.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"product": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"product_id": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"product": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"product_id": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"product": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"product_id": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.x86_64",
"product": {
"name": "java-11-openjdk-jmods-11.0.27.0-3.87.1.x86_64",
"product_id": "java-11-openjdk-jmods-11.0.27.0-3.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.x86_64",
"product": {
"name": "java-11-openjdk-src-11.0.27.0-3.87.1.x86_64",
"product_id": "java-11-openjdk-src-11.0.27.0-3.87.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64"
},
"product_reference": "java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le"
},
"product_reference": "java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x"
},
"product_reference": "java-11-openjdk-11.0.27.0-3.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64"
},
"product_reference": "java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le"
},
"product_reference": "java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x"
},
"product_reference": "java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64"
},
"product_reference": "java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le"
},
"product_reference": "java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x"
},
"product_reference": "java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64"
},
"product_reference": "java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le"
},
"product_reference": "java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x"
},
"product_reference": "java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
},
"product_reference": "java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21587"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21587",
"url": "https://www.suse.com/security/cve/CVE-2025-21587"
},
{
"category": "external",
"summary": "SUSE Bug 1241274 for CVE-2025-21587",
"url": "https://bugzilla.suse.com/1241274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T13:35:08Z",
"details": "important"
}
],
"title": "CVE-2025-21587"
},
{
"cve": "CVE-2025-30691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30691"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30691",
"url": "https://www.suse.com/security/cve/CVE-2025-30691"
},
{
"category": "external",
"summary": "SUSE Bug 1241275 for CVE-2025-30691",
"url": "https://bugzilla.suse.com/1241275"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T13:35:08Z",
"details": "moderate"
}
],
"title": "CVE-2025-30691"
},
{
"cve": "CVE-2025-30698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30698"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30698",
"url": "https://www.suse.com/security/cve/CVE-2025-30698"
},
{
"category": "external",
"summary": "SUSE Bug 1241274 for CVE-2025-30698",
"url": "https://bugzilla.suse.com/1241274"
},
{
"category": "external",
"summary": "SUSE Bug 1241276 for CVE-2025-30698",
"url": "https://bugzilla.suse.com/1241276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-demo-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-devel-11.0.27.0-3.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:java-11-openjdk-headless-11.0.27.0-3.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-29T13:35:08Z",
"details": "important"
}
],
"title": "CVE-2025-30698"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…